VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 8, 2025· Updated Apr 15, 2026

CVE-2025-40293

CVE-2025-40293

Description

In the Linux kernel, the following vulnerability has been resolved:

iommufd: Don't overflow during division for dirty tracking

If pgshift is 63 then BITS_PER_TYPE(*bitmap->bitmap) * pgsize will overflow to 0 and this triggers divide by 0.

In this case the index should just be 0, so reorganize things to divide by shift and avoid hitting any overflows.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Integer overflow in iommufd dirty tracking can cause divide-by-zero when pgshift is 63, leading to a kernel crash.

Vulnerability

Analysis In the Linux kernel's iommufd subsystem, a flaw in dirty tracking calculations can lead to an integer overflow when pgshift is 63. The division operation BITS_PER_TYPE(*bitmap->bitmap) * pgsize overflows to zero, causing a divide-by-zero error [1].

Exploitation

This vulnerability is triggered locally when pgshift is set to 63 during dirty tracking configuration. No special privileges are required beyond normal access to iommufd operations. The overflow results in a division by zero, which likely causes a kernel panic [2].

Impact

A successful exploitation results in a denial of service (DoS) via kernel crash. There is no evidence of privilege escalation or arbitrary code execution from this bug.

Mitigation

The fix reorganizes the calculation to divide by shift first, avoiding the overflow. Patches are available in stable kernel updates [1][2].

References
  1. Making sure you're not a bot!
  2. Making sure you're not a bot!

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

Patches

5
07105e61882f
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
4c8a4f1d34ec
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
de7f2c67ceb1
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
dbf316fc90aa
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
cb30dfa75d55
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

5

News mentions

0

No linked articles in our index yet.